.github/workflows/docker-ci.yml

name: Java CI with Gradle

# 동작 조건 설정 : main 브랜치에 push가 발생할 경우 동작한다.
on:
  push:
    branches: [ "develop" ]

permissions:
  contents: read

jobs:
  # Spring Boot 애플리케이션을 빌드하여 도커허브에 푸시하는 과정
  build-docker-image:
    runs-on: ubuntu-22.04

    steps:
      - name: checkout
        uses: actions/checkout@v4

      # 1. Java 세팅
      - name: Set up JDK 11
        uses: actions/setup-java@v4
        with:
          java-version: '11'
          distribution: 'temurin'

      - name: make application.properties
        run: |
          cd ./src/main/resources
          touch ./application.properties
          
          # GitHub-Actions 에서 설정한 값을 application.properties 파일에 쓰기
          echo "${{ secrets.APPLICATION_PROPERTIES }}" >> ./application.properties
        shell: bash

        # 환경 변수 설정 (Firebase)
      # - name: create-json
      #   id: create-json
      #   uses: jsdaniell/create-json@v1.2.2
      #   with:
      #     name: ${{ secrets.FIREBASE_JSON_FILENAME }}
      #     json: ${{ secrets.FIREBASE_JSON }}
      #     dir: 'src/main/resources'


      # 2. Spring Boot 애플리케이션 빌드
      - name: Build with Gradle
        run: |
          chmod +x ./gradlew
          ./gradlew  bootJar -x test

      # 3. Docker 이미지 빌드
      - name: docker image build
        run: docker build -t ${{ secrets.DOCKERHUB_USERNAME }}/drugbox-grad .

      # 4. DockerHub 로그인
      - name: docker login
        uses: docker/login-action@v2
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_PASSWORD }}

      # 5. Docker Hub 이미지 푸시
      - name: docker Hub push
        run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/drugbox-grad

     # 6. EC2 보안그룹에 Github Actions 추가
      - name: Get Github action IP
        id: ip
        uses: haythem/public-ip@v1.2
           
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} 
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} 
           aws-region: ap-northeast-2
       
      - name: Add Github Actions IP to Security group
        run: |
           aws ec2 authorize-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32    
    

      # Deploy Images with Docker compose
      - name: executing remote ssh commands using password
        uses: appleboy/ssh-action@master
        env:
          APP: "drugbox-grad"
          COMPOSE: "/home/ubuntu/compose/docker-compose.yml"
        with:
          username: ubuntu
          host: ${{ secrets.EC2_HOST }}
          key: ${{ secrets.EC2_PRIVATE_KEY }}
          port: ${{ secrets.EC2_SSH_PORT }}
          envs: APP, COMPOSE
          script_stop: true
          script: |
            sudo docker-compose -f $COMPOSE down
            sudo docker pull ${{ secrets.DOCKERHUB_USERNAME }}/drugbox-grad 
            sudo docker-compose -f $COMPOSE up -d


      - name: Remove Github Actions IP from security group
        run: |
           aws ec2 revoke-security-group-ingress --group-id ${{ secrets.AWS_SG_ID }} --protocol tcp --port 22 --cidr ${{ steps.ip.outputs.ipv4 }}/32